Check Point’s Global Threat Index for August 2024 revealed ransomware’s continuing dominance, with RansomHub holding its place as the top ransomware group.
RansomHub, a Ransomware-as-a-Service (RaaS) operation, has expanded significantly since its rebranding from Knight ransomware and has breached over 210 victims worldwide. In parallel, Meow ransomware emerged as a significant new threat, pivoting from encryption to selling stolen data on leak marketplaces.
A joint advisory from the FBI, CISA, MS-ISAC, and HHS highlighted RansomHub’s aggressive targeting of systems running Windows, macOS, Linux, and especially VMware ESXi environments, along with its use of advanced encryption techniques. Meow ransomware, which originated from the leaked Conti ransomware, has shifted its focus from file encryption to data theft, selling stolen information to the highest bidder rather than using traditional extortion tactics.
The rise of ransomware operations like RansomHub and Meow signals the growing sophistication of these threats. As Ransomware-as-a-Service operations evolve, organizations must adopt robust cybersecurity measures to protect against increasingly complex attacks.
Top Malware Families in August 2024
FakeUpdates maintained its spot as the most prevalent malware, affecting 8 percent of organizations globally. Known for delivering additional malware like GootLoader and Dridex, it poses a significant risk across platforms.
Androxgh0st followed with a 5 percent global impact, targeting vulnerabilities in frameworks like PHPUnit and Laravel.
Phorpiex, a botnet primarily associated with spam campaigns and sextortion, also impacted 5 percent of global organizations.
Top Ransomware Groups
RansomHub led the pack, responsible for 15 percent of published attacks, followed by Meow (9 percent) and LockBit3 (8 percent).
Top-Attacked Industries Globally
The Education/Research, Government/Military, and Healthcare sectors remain the most targeted globally, reinforcing the need for strong defense strategies across these critical areas.
As ransomware tactics evolve, the emergence of data-leak marketplaces further complicates security challenges, requiring organizations to stay vigilant and enhance their defenses against this ever-growing threat.